Jeff Phillips discovered that libpng does not properly parse 1-bitinterlaced images with width values that are not divisible by 8, whichcauses libpng to include uninitialized bits in certain rows of a PNGfile.

Impact======

A remote attacker might entice a user to open a specially crafted PNGfile, possibly resulting in the disclosure of sensitive memoryportions.

This GLSA and any updates to it are available for viewing atthe Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200906-01.xml

Concerns?=========

Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttp://bugs.gentoo.org.